183 matches found
DEBIAN-CVE-2023-52878
In the Linux kernel, the following vulnerability has been resolved: can: dev: canputechoskb: don't crash kernel if canpriv::echoskb is accessed out of bounds If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message a...
CVE-2023-52878
In the Linux kernel, the following vulnerability has been resolved: can: dev: canputechoskb: don't crash kernel if canpriv::echoskb is accessed out of bounds If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message a...
CVE-2023-52878 can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds
In the Linux kernel, the following vulnerability has been resolved: can: dev: canputechoskb: don't crash kernel if canpriv::echoskb is accessed out of bounds If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message a...
CVE-2024-35822
The connected documents confirm CVE-2024-35822 affects the Linux kernel USB gadget mass storage path (usb_udc) where a thread may disable an endpoint while the main thread queues a request. Root cause: a warning in usb_ep_queue() was triggered instead of a functional failure. Fix: replacing WARN_...
CVE-2024-4810
CVE-2024-4810 is rejected/not used; it has been replaced by CVE-2024-36015.
CVE-2024-26312
Archer Platform 6 before 2024.03 contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially obtain access to sensitive information via a popup warning message...
CVE-2024-32876 NewPipe has potential security vulnerability when importing settings
NewPipe is an Android app for video streaming written in Java. It supports exporting and importing backups, as a way to let users move their data to a new device effortlessly. However, in versions 0.13.4 through 0.26.1, importing a backup file from an untrusted source could have resulted in...
CVE-2021-47188
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Improve SCSI abort handling The following has been observed on a test setup: WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcdqueuecommand+0x468/0x65c Call trace: ufshcdqueuecommand+0x468/0x65c...
CVE-2024-26645
In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...
CVE-2024-26645
In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...
CVE-2024-26645 tracing: Ensure visibility when inserting an element into tracing_map
In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...
WP Not Login Hide <= 1.0 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Visit the "WPNLH" interface availab...
Information disclosure
Archer Platform 6.x before 6.13 P2 HF2 6.13.0.2.2 contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially obtain access to sensitive information via a popup warning message. 6.14 6.14.0 is also a fixed release...
CVE-2023-45357
Archer Platform 6.x before 6.13 P2 HF2 6.13.0.2.2 contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially obtain access to sensitive information via a popup warning message. 6.14 6.14.0 is also a fixed release...
Archer Platform Security Vulnerability
Archer Platform is a modern integrated risk management solution from Archer, Inc. A security vulnerability exists in Archer Platform version 6.x prior to 6.13.0.2.2, which stems from the inclusion of a sensitive information disclosure vulnerability, where an authenticated attacker may be able to...
“The Access Policy has externally been modified and cannot be changed by Studio” warning message
After setting access policy rule, “Access Policy” option in “Edit Delivery Group” dialog cannot display. ------------------------ Add-PSSnapin -Name Citrix. Set-BrokerAccessPolicyRule 'AG' -IncludedClientIPFilterEnabled $True Set-BrokerAccessPolicyRule 'AG' -IncludedClientIPs xxx.xxx.xxx.xxx...
USN-6191-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon regression
USN-6081-1, USN-6084-1, USN-6092-1 and USN-6095-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a spurious warning in the IPv6 subsystem. This update removes the undesired warning message...
PT-2025-49732
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-319.el9.x86 64 1 Description The Linux kernel contained an issue where devlink port type warn would schedule a warning when a devlink port type was not set, but the warning did not clearly indicate which...
CVE-2023-33740
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...
Improper access control
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...